<?php
require("include/db.php");
?>
<?php
$conn=getconnection();
if ($_POST['userType']=="Member")
{
    $sql="select * from member where username='".$_POST["name"]."' and password='".$_POST["password"]."'";
    $result = mysql_query($sql, $conn);
    $rows   = mysql_num_rows($result);
    $row=mysql_fetch_array($result);
    if   ($rows   !=   0)
    {
        session_start();
        $_SESSION["userType"] = $_POST['userType'];
        $_SESSION["name"] = $_POST['name'];
        $_SESSION["memberid"] = $row['id'];
        mysql_close($conn);
        header("Location: member/index.php");
    }
    else
    {
        include "include/head.php";
        echo "<h1>password is incorrect</h1>";
    }    
}
if ($_POST['userType']=="Administrator")
{
	  if ($_POST["name"]=="admin" and $_POST["password"]=="password")
	  {
       header("Location: admin/index.php");
    }
    else
    {
        include "include/head.php";
        echo "<h1>password is incorrect</h1>";
    }
}
if ($_POST['userType']=="Company")
{
    $sql="select * from company where companyname='".$_POST["name"]."' and password='".$_POST["password"]."'";
    $result = mysql_query($sql, $conn);
    $rows   = mysql_num_rows($result);
    $row=mysql_fetch_array($result);
    if   ($rows   !=   0)
    {
        session_start();
        $_SESSION["userType"] = $_POST['userType'];
        $_SESSION["name"] = $_POST['name'];
        $_SESSION["companyid"] = $row['id'];
        mysql_close($conn);
        header("Location: company/index.php");
    }
    else
    {
        include "include/head.php";
        echo "<h1>password is incorrect</h1>";
    }
}
?>
<?php
include "include/foot.php";
?>
